X thro ssh

Saravana Kumar tuxkumar at gmail.com
Thu Nov 17 05:26:00 UTC 2005 

Saravana Kumar wrote:

> STYMA, ROBERT E (ROBERT) wrote:
> 
>>> 
>>> Hi fellow admins,
>>> 
>>> I posted to this fedora.desktop and was redirected.
>>> 
>>> I have a peculiar requirement. We have two offices. People from second
>>> office(say #2) want to connect to the server in first
>>> office(say #1). They
>>> want to run the GUI applications in the office #1 server from
>>> office #2.
>>> 
>>> I tried to do this with VNC server and it works fine. But VNC
>>> is goes thro
>>> unencrypted(open) connection. Is there a way to do this in a secured
>>> way(read that xdmcp is not possible as it uses UDP).
>>> 
>>> Inside our network(LAN) if connect from one system to other
>>> thro ssh and
>>> start an gui application that application shows up in the client. This
>>> doesn't happen when i connect to server and start gui
>>> apps(says display not
>>> set). iptables runs in the server. Do i have to open any port
>>> for that?
>>> 
>>> Any help or pointer in this regard is appreciated.
>>> 
>> You can use port forwarding within SSH to accomplish this
>> task with VNC.  In a nutshell, you port forward some port near 5900
>> (the vnc port) on the local machine to port 5900 on the machine
>> running the vnc server.  This is done in your ~/.ssh/config file.
>> For example:
>>  LocalForward 5925 192.168.0.5:5900
>> 
>> You then run:
>> vncclient localhost:25
>> and it will connect through the secure tunnel to port 5900 on the
>> target machine.  In the example 192.168.0.5
>> 
>> For X, the task is even easier.  Run:
>> ssh -X -Y remote_machine.my.domain
>> (where remote_machine.my.domain is the other machine)
>> and X will be forwarded back to the local machine.
>> If this does not work, check the /etc/ssh/sshd_config to
>> make sure X11 tunnelling is allowed. (search for X11 in the file).
>> 
>> Bob Styma
>> 
> Thanks For the help Bob.
> 
> Let me put on what i did from first.
> 
> In the beginning(before posting here) i took two systems(rose & glob) to
> test how this works. Both are FC4 systems and the default(X11Forward yes
> in sshd_config) is unchanged. I connect from rose to glob thro ssh(ssh
> rose.mydomain.com) and say xclock the app shows up in rose. But when i
> connect from glob to rose thro ssh(ssh glob.mydomain.com) and say xclock
> it wont work. This is annoying. Any idea where i am going wrong. As both
> are inside lan there is no firewall in them. i can connect in text mode
> from each other.
> 
> I am going to try what you said in a short while and post the results
> here.
> 
> Thanks Again,
> 
> regds,
> SK
> 
Sorry in glob ForwardX11 yes was not enabled in the ssh_config. Now
everything works fine from both systems. And hey it works without
specifying -X, -Y options.

Just to add up in both machines vncserver is not running.

regds,
SK

More information about the fedora-list mailing list